<?php

  function updatePageRating($url, $url_param, $user_name, $title, $rating) {
    $return_string = "";

    if (!isset($_SESSION['user_name'])) {
      $return_string .= "<returncode>0</returncode>\n";
      $return_string .= "<errormessage>You're not logged in!</errormessage>\n";
      return $return_string;
    }
   
    $query = "SELECT id FROM WebPage WHERE url = '" . $url . "'";
    $result = mysql_query($query);
    $webpage_id = -1;
    if (mysql_num_rows($result) == 0) {
      $webpage_id = registerPage($url);
    } else {
      $result_row = mysql_fetch_assoc($result);
      $webpage_id = $result_row['id'];
    }

    $webpagequery_id = updatePageParameter($webpage_id, $url_param, $title);
    $user_id = $_SESSION['user_id'];
    $query = "SELECT * FROM WebPageRating WHERE user_id=$user_id"
           . " AND webpagequery_id=$webpagequery_id";
    $result = mysql_query($query);
      
    if (mysql_num_rows($result) == 0) {
      $query2 = "INSERT INTO WebPageRating (webpagequery_id, user_id, rating)"
              . "VALUES($webpagequery_id, $user_id, $rating)";
      $result = mysql_query($query2);
      $return_string .= "<returncode>1</returncode>\n";
    } else {
      $query2 = "UPDATE WebPageRating SET rating=$rating "
              . "WHERE webpagequery_id=$webpagequery_id AND user_id=$user_id";
      $result = mysql_query($query2);
      $return_string .= "<returncode>1</returncode>\n";
    }
    return $return_string;
  }
?>
